IM
IronMonkey Threat Research
LIVE
|
Articles 27,030
|
CVEs 348,161
|
APT Groups 800
|
Tools 2,196
|
Updated recently
Today Yesterday All 47 articles on Jul 16, 2026
The Hacker News ·

Owen Flowers, 18, and Thalha Jubair, 20, were each sentenced to five and a half years at Woolwich Crown Court on Thursday, 16 July 2026, for the 2024 hack of Transport for London. The attack left...

The Hacker News ·

A lot of this week’s trouble starts with something that looks close enough. A familiar repo. A useful installer. A harmless sync setting. Then the handoff goes bad, the box starts talking to...

The Hacker News ·

n8n, the workflow automation platform, handed out the wrong accounts at login. On Enterprise instances configured to trust more than one external token issuer, it matched an incoming JWT to a...

Alerts and advisories ·

Grafana security advisory (AV26-710)

The Hacker News ·

Cybersecurity researchers have called attention to a new modular malware called TELEPUZ that's been spreading via websites infected with ClickFix lures since late April 2026. "The malware is...

Scattered Spider Information Technology
Articles – Threat Beat ·

Universities have long supported national security through research, education and workforce development. But Auburn University leaders say the scale and speed of today’s challenges require...

News
The Hacker News ·

ClickLock Stealer, a new macOS infostealer, answers a victim's refusal by killing their apps on a loop until they hand over the login password. It arrives as a command pasted into Terminal, asks...

Scattered Spider Safe Information Technology
Cisco Talos Blog ·

Long foretold, the Great Patching has begun and it’s a doozy. Buckle in as Joe takes you through the story.

Threat Source newsletter
www.theregister.com - Articles ·

Newly documented stealer ClickLock comes for the more trusting Mac user with spot of social engineering

cyber-crime
The Hacker News ·

More than 20 Brazilian government websites were hijacked and turned into malware delivery channels in an active PhantomEnigma campaign uncovered by ANY.RUN, a leading provider of interactive...

Scattered Spider Government Facilities Information Technology
Threats | CyberScoop ·

Officials accused three Russian nationals, Media Land and ML.Cloud of supporting cyberattacks spanning 21 U.S. states and other countries, resulting in losses surpassing $62 million. The post...

Cybercrime Cybersecurity
The Hacker News ·

Ask an AI agent to summarize the reviews on a product page, and a single planted review can make it click "Buy Now" instead. Ask a coding assistant to apply a maintainer's fix from a GitHub...

Scattered Spider Information Technology
The Hacker News ·

An advanced malware previously attributed to a China-linked threat actor has resurfaced after more than four years within a Taiwan manufacturing firm, along with a previously unreported backdoor...

Scattered Spider Critical Manufacturing Information Technology
The Record from Recorded Future News ·

“Age checks are a cornerstone of the UK’s online safety laws,” said Ofcom’s Chief Executive, Melanie Dawes. “Too many services have no or inadequate age checks in place, which is not good enough.”

Government News
The Hacker News ·

Artificial intelligence (AI) is changing offensive security, but it has not changed the standard that matters most: a finding has to be proven before it becomes useful. AI-assisted tools can read...

Scattered Spider Information Technology
Alerts and advisories ·

JetBrains security advisory (AV26-709)

The Hacker News ·

Pull the certificate off the flash of a Shark RV2320EDUS robot vacuum, and you can run root commands on other people's Shark vacuums across the same AWS region: watch the camera, drive the robot,...

Scattered Spider Information Technology
www.theregister.com - Articles ·

Sentencing bookends the biggest cybercrime conviction in UK history

Scattered Spider Lapsus$ cyber-crime
Articles – Threat Beat ·

In recent months, mounting opposition to AI has given rise to a surge of violent rhetoric, threats against people and property, and a serious attempt at harm. The phenomenon has executives at tech...

News
Schneier on Security ·

Daniel Solove argues in the Wall Street Journal (alternate link) that giving people control of their personal data is not an effective way to regulate privacy in this era. Instead, we need to hold...

Uncategorized academic papers
Articles – Threat Beat ·

The Air Force for the first time successfully fired an air-to-air missile from a new jet-powered combat drone built by defense company Anduril. The recent test, the Air Force said, is an important...

News
Articles – Threat Beat ·

The ability of the United States to fight in and through space has disproportionately magnified the effectiveness of U.S. military forces. However, this advantage has been eroding as China ramps...

Insight
Articles – Threat Beat ·

Cyber weapons have long been described as strategic instruments of statecraft. In practice, they have almost always been tactical in their application. Attackers have struggled to predict the...

Insight
The Hacker News ·

OpenAI has disclosed details of GPT-Red, an internal automated red-teaming model that scales prompt injection vulnerability discovery with an aim to fix issues before the tools are deployed...

Scattered Spider Information Technology
Articles – Threat Beat ·

Chinese analysts have closely followed Russia’s cyber offensive against Ukraine, drawing a series of lessons about how the People’s Republic of China (PRC) can better prepare for cyber warfare....

Insight
Threat Intelligence ·

Written by: Jules Czarniak Introduction As highlighted in the Mandiant M-Trends 2026 report, the mean time-to-exploit (TTE) has dropped to -7 days, meaning vulnerabilities are often exploited a...

Threat Intelligence
The Record from Recorded Future News ·

Rather than verifying they are human, the CAPTCHA users are instructed to copy and paste a PowerShell command into their Windows computers.

Government Facilities Information Technology Nation-state News
Alerts and advisories ·

Splunk security advisory (AV26-708)

Information Technology
LevelBlue SpiderLabs Blog ·

You're browsing a legitimate small business website. Before the page loads, a familiar Cloudflare box appears: "Verify you are human." It asks you to open Terminal, paste a code, and press Enter....

Financial Services Information Technology Emerging Threats Vulnerabilities
www.theregister.com - Articles ·

One in six machines still run the old OS as migration stalls and patch deadlines creep closer

Information Technology Healthcare and Public Health os platforms
Securelist ·

We identified targeted infection attempts against large Russian organizations using the ViPNet update system (a software suite for creating secure networks).

Malware Technologies Targeted attacks
Alerts and advisories ·

Zoom security advisory (AV26-707)

Information Technology Communications
The Hacker News ·

Zoom has released security updates for a critical security flaw impacting Zoom Workplace for Windows that could facilitate account takeover. The vulnerability, tracked as CVE-2026-53412 (CVSS...

Scattered Spider Information Technology Communications
www.theregister.com - Articles ·

t.me borked for a day until platform proved it had no ties to service favored by cybercriminals

Information Technology Communications security
Securelist ·

Two-phase attacks with the GoSerpent backdoor, Stowaway RAT, ThumbcacheService and other tools aim to steal data from government entities in Southeast Asia.

Spring Dragon Kimsuky Cloud Atlas GReAT research Malware descriptions
Tenable Blog ·

Four Microsoft SharePoint Server vulnerabilities are under active exploitation, prompting CISA to issue a hardening alert. An additional high-severity flaw recently patched adds pressure for...

Seqrite Labs ·

Cyber threats no longer stop at the network perimeter. Today, attackers target brands wherever they have a digital presence, websites, social media, mobile apps, email, cloud platforms, and even...

Information Technology Threat Advisories & Alerts attack surface management
Cisco Talos Blog ·

Humans can no longer keep up with the volume and velocity of security data on their own, but AI can't be fully trusted. David discusses the merits of both and muses on what the future might look like.

On The Radar Threats
Cisco Talos Blog ·

Cisco Talos is disclosing UAT-11795, a sophisticated, Russian-speaking, financially motivated adversary that has been conducting a malicious campaign targeting users in the U.S. and Europe since...

Information Technology Financial Services Threats RAT
SECURITY.COM ·

Attack using previously unseen ransomware payload occurred in June 2026. The skill of its operators suggests wider campaigns may follow.

Information Technology
www.theregister.com - Articles ·

Using the admin password, you could be anyone and see anything

Healthcare and Public Health security
Tenable Blog ·

Agentic AI use is exploding, yet most security teams are building agents in isolation. Tenable is hosting Swarm, a build event at Black Hat 2026, for security practitioners to create and...

Information Technology
www.theregister.com - Articles ·

It’s possible to leak PII describing 5.7 million people without breaching privacy rules

Scattered Spider Transportation Systems cyber-crime
www.theregister.com - Articles ·

The Colonel stops taking online orders and may close stores after logistics partner’s systems go down

Transportation Systems Commercial Facilities security
The Hacker News ·

Cybersecurity researchers have disclosed details of a previously unreported Internet-of-Things (IoT) botnet framework dubbed TuxBot v3 Evolution that shows signs of being developed with assistance...

Scattered Spider Information Technology Critical Manufacturing
Recorded Future ·

Explore how Iran utilized AI to enhance its asymmetric playbook during the 2026 conflict. Learn how AI acts as a force multiplier for Iranian cyber operations, influence campaigns, and domestic...

MuddyWater Mango Sandstorm Handala Hack Team Defense Industrial Base Government Facilities Research (Insikt)
Cloud Threat Landscape ·

A large-scale credential theft campaign exploiting CVE-2025-54068, a critical unauthenticated remote code execution vulnerability in Laravel Livewire v3. Attackers used PHP deserialization to...